FreeBSD Bugzilla – Attachment 180046 Details for
Bug 217140
security/openvpn: Fix build with LibreSSL 2.5.1
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
svn diff for security/openvpn
patch-security_openvpn-LibreSSL-2.5.1 (text/plain), 2.42 KB, created by
Bernard Spil
on 2017-02-16 13:58:19 UTC
(
hide
)
Description:
svn diff for security/openvpn
Filename:
MIME Type:
Creator:
Bernard Spil
Created:
2017-02-16 13:58:19 UTC
Size:
2.42 KB
patch
obsolete
>Index: security/openvpn/files/patch-src_openvpn_ssl__openssl.c >=================================================================== >--- security/openvpn/files/patch-src_openvpn_ssl__openssl.c (nonexistent) >+++ security/openvpn/files/patch-src_openvpn_ssl__openssl.c (working copy) >@@ -0,0 +1,44 @@ >+From dcfd3b6173d8cdb4658de23db1dd0bd932b390d2 Mon Sep 17 00:00:00 2001 >+From: Olivier Wahrenberger <olivierw.ml@gmail.com> >+Date: Mon, 13 Feb 2017 19:38:26 +0100 >+Subject: [PATCH] Fix building with LibreSSL 2.5.1 by cleaning a hack. >+ >+Similar to what is done in curl: https://github.com/curl/curl/blob/028391df5d84d9fae3433afdee9261d565900355/lib/vtls/openssl.c#L603-L619 >+ >+Use SSL_CTX_get0_privatekey() for OpenSSL >= 1.0.2 >+ >+Signed-off-by: Olivier Wahrenberger <olivierw.ml@gmail.com> >+Acked-by: Steffan Karger <steffan.karger@fox-it.com> >+Message-Id: <20170213183826.73008-1-O2Graphics@users.noreply.github.com> >+URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14045.html >+Signed-off-by: Gert Doering <gert@greenie.muc.de> >+--- >+ src/openvpn/ssl_openssl.c | 14 +++++++++++--- >+ 1 file changed, 11 insertions(+), 3 deletions(-) >+ >+diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c >+index 8266595..abf69c9 100644 >+--- a/src/openvpn/ssl_openssl.c >++++ b/src/openvpn/ssl_openssl.c >+@@ -508,10 +508,18 @@ tls_ctx_load_ecdh_params(struct tls_root_ctx *ctx, const char *curve_name >+ const EC_GROUP *ecgrp = NULL; >+ EVP_PKEY *pkey = NULL; >+ >++#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) >++ pkey = SSL_CTX_get0_privatekey(ctx->ctx); >++#else >+ /* Little hack to get private key ref from SSL_CTX, yay OpenSSL... */ >+- SSL ssl; >+- ssl.cert = ctx->ctx->cert; >+- pkey = SSL_get_privatekey(&ssl); >++ SSL *ssl = SSL_new(ctx->ctx); >++ if (!ssl) >++ { >++ crypto_msg(M_FATAL, "SSL_new failed"); >++ } >++ pkey = SSL_get_privatekey(ssl); >++ SSL_free(ssl); >++#endif >+ >+ msg(D_TLS_DEBUG, "Extracting ECDH curve from private key"); >+ > >Property changes on: security/openvpn/files/patch-src_openvpn_ssl__openssl.c >___________________________________________________________________ >Added: fbsd:nokeywords >## -0,0 +1 ## >+yes >\ No newline at end of property >Added: svn:eol-style >## -0,0 +1 ## >+native >\ No newline at end of property >Added: svn:mime-type >## -0,0 +1 ## >+text/plain >\ No newline at end of property
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=180046">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 217140
: 180046